def mutate(self, packets): broadcast = self.broadcast timer = self.timer result = [] #if fragmented or packets too short if utils.check_fragmentation(packets[0]) or len(packets)<2: return packets for i in range(0,len(packets)): forged = packets[i].copy() #del tcp payload forged.payload = utils.tcp_bad_payload(forged.payload, utils.NOPAYLOAD) #set fields forged.payload.seq += i*527600 forged.payload.flags = 'S' #broadcast address forged.dst = broadcast #set timer forged.timeout = timer #append packets result.append(packets[i]) result.append(forged) return result
def mutate(self, packets): result = [] numseg = self.numseg position = self.position #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets #if numseg >= len(packets): # return packets forged = packets[numseg-1].copy() forged = utils.tcp_bad_payload(forged) forged.flags = 0 if position == "after": packets.insert(numseg, forged) elif position == "before": packets.insert(numseg-1, forged) else: packets.append(packets[numseg-1]) del(packets[numseg-1]) packets.insert(numseg-1, forged) return packets
def mutate(self, packets): numseg = self.numseg position = self.position # Not enough segments, Syn or Ack, return if ( utils.check_length(numseg, packets) or utils.check_syn(packets[numseg - 1]) or utils.check_ack(packets[numseg - 1]) ): return packets forged = packets[numseg - 1].copy() forged = utils.tcp_bad_payload(forged) # calculate and modify chksum forged.chksum = scapy.checksum(forged) + 1 """il frammento manipolato dovrebbe essere preso per buono da snort -k notcp ma scartato da host vittima. """ # insert forged segment if position == "after": packets.insert(numseg, forged) elif position == "before": packets.insert(numseg - 1, forged) # last position is for original packet, not the forged one!!!! elif position == "last": packets.append(packets[numseg - 1]) del (packets[numseg - 1]) packets.insert(numseg - 1, forged) return packets
def mutate(self, packets): numseg = self.numseg thl = self.thl position = self.position #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets forged = packets[numseg-1].copy() forged = utils.tcp_bad_payload(forged) #modify data offset in tcp field forged.dataofs = thl #insert forged segment if position == "after": packets.insert(numseg, forged) elif position == "before": packets.insert(numseg-1, forged) elif position == "last": packets.append(packets[numseg-1]) del(packets[numseg-1]) packets.insert(numseg-1, forged) return packets
def mutate(self, packets): BADMAC = self.BADMAC timer = self.timer numframe = self.numframe #if packet is fragmented,SYN or ACK do nothing if utils.check_length(numframe, packets) or utils.check_syn(packets[numframe-1].payload.payload) or utils.check_ack(packets[numframe-1].payload.payload) or utils.check_fragmentation(packets[numframe-1].payload): return packets #create fake RST forged = packets[numframe-1].copy() forged.payload.payload = utils.tcp_bad_payload(forged.payload.payload, utils.NOPAYLOAD) forged.dst=BADMAC #set reset flag forged.payload.payload.flags = 'R' #insert fake RST packets.insert(numframe-1, forged) #append original packets.append(packets[numframe]) del(packets[numframe]) #create fake SYN forged_syn = packets[numframe-1].copy() forged_syn.dst=BADMAC forged_syn.timeout = timer forged_syn.payload.payload.flags = 'S' forged_syn.payload.payload.seq += 103245 forged_syn.payload.payload.ack = 0 #insert fake SYN packets.insert(numframe, forged_syn) #create fake SYN/ACK forged_synack = packets[numframe-1].copy() forged_synack.dst=BADMAC forged_synack.payload.payload.sport = packets[numframe].payload.payload.dport forged_synack.payload.payload.dport = packets[numframe].payload.payload.sport forged_synack.payload.payload.flags = 'SA' forged_synack.payload.payload.seq += 207654 forged_synack.payload.payload.ack = packets[numframe].payload.payload.seq + 1 forged_synack.payload.dst = packets[numframe].payload.src forged_synack.payload.src = packets[numframe].payload.dst #insert fake SYN/ACK packets.insert(numframe+1, forged_synack) #create fake ACK forged_ack = packets[numframe-1].copy() forged_ack.dst=BADMAC forged_ack.payload.payload.flags = 'A' forged_ack.payload.payload.seq = packets[numframe+1].payload.payload.ack forged_ack.payload.payload.ack = packets[numframe+1].payload.payload.seq + 1 #insert fake SYN/ACK packets.insert(numframe+2, forged_ack) #delete reset del(packets[numframe-1]) return packets
def mutate(self, packets): result = [] numseg = self.numseg timer = self.timer #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets forged = packets[numseg-1].copy() forged = utils.tcp_bad_payload(forged, utils.NOPAYLOAD) forged.flags = 'R' #calculate and modify chksum forged.chksum = scapy.checksum(forged)+1 packets.insert(numseg-1, forged) packets[numseg].timeout = timer return packets
def mutate(self, packets): numseg = self.numseg timer = self.timer offset = self.offset #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets forged = packets[numseg-1].copy() forged = utils.tcp_bad_payload(forged, utils.NOPAYLOAD) forged.flags = 'R' #seq. number forged.seq += offset packets.insert(numseg-1, forged) packets[numseg].timeout = timer return packets
def mutate(self, packets): numseg = self.numseg position = self.position option = self.opt #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets if option == "mss": forged=scapy.TCP(options=[("MSS",144)])/packets[numseg-1].load elif option == "timestamp": forged=scapy.TCP(options=[("Timestamp",(0,-1))])/packets[numseg-1].load elif option == "wscale": forged=scapy.TCP(options=[("WScale", 10)])/packets[numseg-1].load elif option == "sackok": forged=scapy.TCP(options=[("SAckOK", 1)])/packets[numseg-1].load forged.sport = packets[numseg-1].sport forged.dport = packets[numseg-1].dport forged.seq = packets[numseg-1].seq forged.ack = packets[numseg-1].ack forged.dataofs = packets[numseg-1].dataofs forged.reserverd = packets[numseg-1].reserved forged.flags = packets[numseg-1].flags if option =="timestamp": #disable ACK flag forged.flags = 0 forged.window = packets[numseg-1].window forged.urgptr = packets[numseg-1].urgptr '''nell elenco in __init__.py, mettere TCPBadOption prima di TCPFakeReset per non rischiare che operatore precedente abbia cancellato il payload''' forged = utils.tcp_bad_payload(forged) if position == "after": packets.insert(numseg, forged) elif position == "before": packets.insert(numseg-1, forged) else: packets.append(packets[numseg-1]) del(packets[numseg-1]) packets.insert(numseg-1, forged) return packets
def mutate(self, packets): numseg = self.numseg position = self.position #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets forged = packets[numseg-1].copy() forged = utils.tcp_bad_payload(forged) if position == "after": #forged after original packets.insert(numseg, forged) else: #forged one before original packets.insert(numseg-1, forged) return packets
def mutate(self, packets): numseg = self.numseg position = self.position flags_ = self.flags #do nothing if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets forged = packets[numseg-1].copy() forged = utils.tcp_bad_payload(forged) forged.flags = flags_ if position == "after": packets.insert(numseg, forged) elif position == "before": packets.insert(numseg-1, forged) else: packets.append(packets[numseg-1]) del(packets[numseg-1]) packets.insert(numseg-1, forged) return packets